Applies To:
Show Versions
BIG-IP APM
- 16.0.1, 16.0.0, 15.1.0, 15.0.1, 15.0.0, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.3, 13.1.1, 13.1.0
Clients for Linux
About Linux
clients
About browser-based connections from Linux, Mac, and Windows clients
Requirements for client installation and use on Linux
Requirement | Specification |
---|---|
Browser | Use Firefox for installing the client component. The browser must
support the installation of plugins. |
Firewall settings | If you have a firewall enabled on your Linux system, you must enable access on IP
address 127.0.0.1, port 44444 . |
PPP | The system must support PPP. (This is usually the case.) The user must have
permission to run the PPP daemon. |
Installation privilege | The remote user must have superuser authority, or, must be able to supply an
administrative password to successfully install the Network Access client. |
About Network Access
features for Linux clients
Specifying applications to start on a Linux client
- On the Main tab, click.The Network Access Lists screen opens.
- In the Name column, click the name of the network access resource you want to edit.
- To configure applications to start for clients that establish a Network Access connection with this resource, clickLaunch Applicationson the menu bar.
- ClickAddto add an application list.A screen opens showing the Add Application To Launch area.
- In theApplication Pathfield type an application to launch.For example, type/usr/bin/mozillato start Mozilla.
- In theParametersfield, type a parameter.For example, typehttp://www.f5.com.
- From theOperating Systemlist, selectUnix.
- ClickFinishedto add the configuration.
Overview: Installing and using the CLI for Linux
Downloading the Linux command line client
- On the Main tab, click.A list of available client downloads displays.
- Click the requiredCommand Line Client for Linuxrpm/debfile to download.Therpm/debfile is downloaded to your local directory.
Importing a certificate to the local trust store
- Using operating system commands, place the certificate in any folder in the operating system.For example,/etc/certs.
- Change the directory.For example,cd /etc/certs.
- Type the commandc_rehash ./.
Linux client commands
- f5fpc --start [arguments]
- f5fpc -s [arguments]
Arguments | Description |
---|---|
| Returns the command line interface immediately after the command. |
| The host name to which the client starts the VPN connection. This is required.
|
| The optional user name for the connection. |
| The optional password for the connection. |
| The optional hex-encoded user name for the connection. |
| The optional hex-encoded password for the connection. |
| Specifies an optional client certificate. |
| Specifies the key for an optional client certificate. |
| Specifies the password for an optional SSL certificate. |
| Specifies a certificate from a trusted certificate authority (CA). If
--cacert or --cacertdir is specified, then the
server certificate validates for trust against the specified certificate or directory.
If --cacert or --cacertdir is not specified, then
the default location /etc/ssl/certs is checked to verify trust.
The --nocheck option can be specified if a server certificate check
is not desired, though this is not recommended. |
| Specifies a certificate directory that contains a certificate from a trusted CA.
If --cacert or --cacertdir is specified, then the
server certificate validates for trust against the specified certificate or directory.
If --cacert or --cacertdir is not specified, then
the default location /etc/ssl/certs is checked to verify trust.
The --nocheck option can be specified if a server certificate check
is not desired, though this is not recommended. |
| Specifies that the trusted CA certiicate is not verified for trust at all. If
--cacert or --cacertdir is specified, then the
server certificate validates for trust against the specified certificate or directory.
If --cacert or --cacertdir is not specified, then
the default location /etc/ssl/certs is checked to verify trust.
The --nocheck option can be specified if a server certificate check
is not desired, though this is not recommended. |
- f5fpc --stop
- f5fpc --o
- f5fpc --info
- f5fpc --i
- f5fpc --help
- f5fpc --h
Info command status and error codes
Error code/command status | Hex value | Shell value | Description |
---|---|---|---|
CLI_ERROR_SUCCESS | 0x0 | 0 | The command line operation was successful. |
CLI_ERROR_USERS_DISCONNECT | 0x150 | 80 | The user was disconnected |
CLI_ERROR_LOGON_FAILURE | 0x151 | 81 | Login failed due to incorrect authenticaion information or login errors. |
CLI_ERROR_ATTENTION_REQUIRED | 0x154 | 84 | The user's attention is required. |
CLI_ERROR_GENERIC_FAILURE | 0x155 | 85 | An error occurred in the system API. |
CLI_ERROR_UNKNOWN_PARAMETER | 0x156 | 86 | An incorrect or unknown parameter was passed to the command line. |
CLI_ERROR_WRONG_VALUE | 0x157 | 87 | This is an undefined error. |
CLI_ERROR_UNKNOWN_SESSION_ID | 0x158 | 88 | An unknown session ID was encountered. The user should reconnect to the
server. |
CLI_ERROR_NO_PROFILE | 0x15B | 91 | No such profile exists. |
CLI_ERROR_MSGQ_OPEN_FAILURE | 0x15D | 93 | The system failed to open the message queue. |
CLI_ERROR_OPERATION_IN_PROGRESS | 0x15F | 95 | An operation is in progress, please retry. |
kss_Initialized | 1 | 1 | The session is initialized. |
kss_LogonInProgress | 2 | 2 | The user login is in progress. |
kss_Idle | 3 | 3 | The session is idle. |
kss_Established | 5 | 5 | The session is established. |
kss_AttentionReq | 6 | 6 | The session requires the user's attention. |
kss_LogonDenied | 7 | 7 | Login was denied. |
kss_LoggedOut | 8 | 8 | The user is logged out of the server. |
Editing the log level for Edge Client on Linux
- In the/usr/local/lib/F5Networksdirectory, open thef5networks.conffile.
- Edit the settings to change the log level.By default, the values are 0 (zero). For debugging purposes, set the values to 5.
VPN component installation and log locations on Linux
Category | Location |
---|---|
VPN component | /usr/local/lib/F5Networks |
VPN logs | ~/.F5Networks |